package cn.zqh.auth.config;

import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * SpringSecurity配置
 * Created by macro on 2020/6/19.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
                .antMatchers("/rsa/publicKey",
                        "/auth/**",
                        "/oauth/**",
                        "/auth/oauth/getQqCode",
                        "/auth/oauth/createANewUser",
                        "/commodity/commodity/getAll",
                        "/store/store/getStoreByUserId",
                        "/commodity/commodity/searchEngines",
                        "/zqh/router/checkQQCode",
                        "/zqh/router/getQqCode",
                        "/file/minio/upload",
                        "/file/minio/delPictureByName",
                        "/file/comment/getCommentsBySorcid",
                        "/file/comment/getAllCommentNumById",
                        "/commodity/commodity/getCommodityById",
                        "/user/user/createANewUser",
                        "/brand/brand/getALlBrand",
                        "/user/user/getUserPermission",
                        "/user/user/getAllUserNumbers",
                        "/brand/brand/getBrandNumber",
                        "/commodity/commodity/getAllCommodityNumbers",
                        "/commodity/commodity/multiConditionalCompoundQuery",
                        "user/user/userReMoney",
                        "/commodity/commodity/changeItemInventory",
                        "/user/user/getUserById",
                        "/user/user/addMoney"
                ).permitAll()
                .anyRequest().authenticated();
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

}
